<?php
session_start();
if(isset($_REQUEST['onsub'])){
    if( $_REQUEST['onsub']=='ok')
    {
    	 if($_REQUEST['pwd']=='')
    	 {
    	 	echo "<script anguage='javascript' type='text/javascript'>alert('Incorrect Password');</script>";
    	     //header("Location: index.php"); 
    	 	//die;
    	 }else{
    	 	if($_REQUEST['pwd']=='meiyoumima')
    	 	{    //echo 'ok';
    	 		$_SESSION['pwd'] = 'meiyoumima';
    	 		header("Location: index.php");
    	 	}
    	 }
    }
}

	if(isset($_REQUEST['action']))
	{
		if($_REQUEST['action']=='out')
		{
			$_REQUEST['pwd']='';
			session_destroy();
			header("Location: index.php");
		}
	}

?>
 <div>
    <fieldset>
    <legend>LOGIN</legend>
      <form action="<?php echo $_SERVER['PHP_SELF'];?>" onsubmit="return validate_form(this)" method="POST" >
        <label>password&nbsp;&nbsp;<input type="password" name ="pwd" id="pwd"></label>
        <label><input type="hidden" name="onsub" id="onsub"  value="ok">
        <input type="submit" value="LOGIN"></label>
      </form>
    </fieldset>
    </fieldset>
 </div>
 <script type="text/javascript">
	function validate_form()
	{
	  if(document.getElementById('pwd')=='')
	    {
		   alert('Incorrect Password');
		  document.getElementById('pwd').focus();
		  return false
		}
	  return true;
	}
</script>